Newsletter

Kerpen: What the FCC Privacy Rule Is Really About

If you’ve been watching TV or on social media, you’ve heard that “Republicans are going to let Internet providers sell your browser history.”

It’s not true.Not even close.

What’s really happening is that a corrupt Google power grab from the Obama administration is being overturned.

Here’s the real history.

The Federal Trade Commission (FTC) until 2015 was the cop on the beat for Internet privacy, data security, and consumer protection broadly.The FTC had a well-developed framework that treated all the players the same way - Internet Service Providers (ISPs), search, advertising networks, and social media companies.

That all changed when the Federal Communications Commission (FCC) voted on a 3-2 party-line vote to adopt Barack Obama’s plan to regulate the Internet like a public utility.

That vote pre-empted the FTC’s jurisdiction and stripped Internet users of consumer protections - deliberately creating a vacuum which could then be used to shift the focus of the privacy debate to ISPs, taking the heat off Google, which has vastly more access to personal data.

The FCC took this party-line action despite warnings from the FTC that it would no longer be able to protect consumers as it had in over 100 privacy and data security cases and 150 spam and spyware cases.

FTC Commissioner Maureen Ohlhausen warned that “economists (and common sense) tell us that if different sets of rules govern competitors, companies subject to the more onerous or unpredictable regime are disadvantaged compared to those outside that regime.”

That’s precisely what happened as Google - which had an astonishing 250 personnel rotate into the Obama administration - used its stroke to hobble competitors.

Under the proposed FCC regulations, ISPs with limited market share and limited ability to collect user information would be subject to heavy-handed regulation effectively prohibiting running ads without a prior opt-in, while edge providers that have dominant market share and vast databases of user information are exempt.

The FCC claimed ISPs are uniquely situated to collect user information, but the best available data shows otherwise.Steven Englehardt and Arvind Narayanan of Princeton University found that 61 percent of the top million sites on the web use Google Analytics.

The FCC claim that ISPs are uniquely situated to collect and use user information reflects a basic misunderstanding of how the Internet works.

The Institute for Information Security & Privacy at Georgia Tech concluded that ISPs are highly limited in their ability to collect user information because the average Internet user has more than six different devices, encryption is pervasive and employed by all 10 of the largest websites and 42 of the top 50, and users increasingly decline to use DNS services offered by their ISPs.They found companies like Google have far more access to user information.

As Ajit Pai observed in his dissent: “due to the FCC’s action today, those who have more insight into consumer behavior (edge providers) will be subject to more lenient regulation than those who have less insight (ISPs).”

Pai continued, “when you get past the headlines, slogans, and self-congratulations, this is the reality that Americans should remember: nothing in these rules will stop edge providers from harvesting and monetizing your data, whether it’s the websites you visit or the YouTube videos you watch or the emails you send or the search terms you enter on any of your devices.”

Under the Democratic rules, ISPs can use personal data to tailor advertising or make you special offers - but they need to buy the data from Google first.That’s crazy.

The vote in Congress wasn’t about whether privacy should be protected, but rather who should do the protecting - and whether there should be a level playing field or a sweetheart deal for Google; it’s unfortunate that so many “real” news organizations bought into the Obama Administration spin instead of checking the facts.